Articles with tag: Heap
POSTED BY: census / 18.04.2017


CENSUS researchers Vasilis Tsaousoglou and Patroklos Argyroudis delivered the "The Shadow over Android: Heap Exploitation Assistance for Android's libc Allocator" technical talk at the 2017 INFILTRATE (Miami, Florida) conference. The abstract of the talk follows:

POSTED BY: census / 19.07.2015


CENSUS researcher Patroklos Argyroudis delivered the "OR'LYEH? The Shadow over Firefox" presentation at the 2015 INFILTRATE (Miami, Florida) and Summercon (Brooklyn, New York) conferences. The talk introduced a new jemalloc exploitation tool called "shadow" and expanded on Patroklos' previous work on Firefox/jemalloc exploitation techniques.

POSTED BY: argp / 16.06.2015

OR’LYEH? The Shadow over Firefox (INFILTRATE 2015)

About two months ago (April 15th 2015) I visited Miami and presented at the INFILTRATE Security Conference a talk on Firefox heap exploitation, titled “OR’LYEH? The Shadow over Firefox”. The organization of the conference was flawless and the people I met there were amazing. A special thank you to the Immunity team for being great hosts and for their helpful feedback.

POSTED BY: argp / 27.11.2014

Project Heapbleed

I recently presented a talk on heap exploitation abstraction at two conferences, namely ZeroNights 2014 (Moscow, Russia) and BalCCon 2014 (Novi Sad, Serbia). The talk titled “Project Heapbleed”, collected the experience of exploiting allocators in various different target applications and platforms. The talk focused on practical, reusable heap attack primitives that aim to reduce the exploit development time and effort.